Cross-Site Scripting Vulnerability in Cisco Unified Computing System Central Software
CVE-2015-6387

Currently unrated

Key Information:

Vendor
Cisco
Status
Unified Computing System Central Software
Vendor
CVE Published:
5 December 2015

Summary

A cross-site scripting vulnerability exists in Cisco Unified Computing System Central Software version 1.3(0.1). This security flaw allows remote attackers to inject arbitrary web scripts or HTML through crafted URL parameters, potentially compromising user sessions and data. Proper input validation and sanitization measures are recommended to mitigate this vulnerability. For more details on mitigation techniques, refer to Cisco's advisories.

References

http://tools.cisco.com/security/center/content/CiscoSecur...
vendor-advisoryx_refsource_CISCO
http://www.securitytracker.com/id/1034275
vdb-entryx_refsource_SECTRACK

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.